More options

Level 46

Hackers are embedding malicious code within compromised, uploaded images on trusted Google sites – weaponizing the website and staying under the radar.

Malware that uses Exchangeable Image File Format (EXIF) data to hide its code has migrated to a new platform: GoogleUserContent sites, such as Google+ and blogger forums.
In this technique, previously seen on Pastebin and GitHub, hackers embed malicious code within uploaded images – a stealthy approach, since images are rarely scanned for malware, researchers at Sucuri said on Thursday.

These scripts can weaponize the website by uploading a predefined web shell or arbitrary files, placing defacement pages, establishing backdoors and more, and then can email the addresses of successfully exploited sites back to the attacker. The migration to Google exacerbates the pervasiveness of the problem.

We use cookies to improve your browsing experience on our site, show personalized content and targeted ads, analyze site traffic, and understand where our audience is coming from.
By continuing to use this site, you are consenting to our use of cookies.